Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

171 advisories

Loading
Diffoscope may write to arbitrary locations due to an untrusted archive Critical
CVE-2017-0359 was published for diffoscope (pip) Jul 13, 2018
Directory traversal in Django Critical
CVE-2011-0698 was published for Django (pip) Jul 23, 2018
MarkLee131
Ansible Path Traversal vulnerability Moderate
CVE-2019-3828 was published for ansible (pip) Apr 15, 2019
NLTK Vulnerable To Path Traversal High
CVE-2019-14751 was published for nltk (pip) Aug 23, 2019
Directory traversal outside of SENDFILE_ROOT in django-sendfile2 Moderate
GHSA-6r3c-8xf3-ggrr was published for django-sendfile2 (pip) Jun 24, 2020
gipi moggers87
Path Traversal in openapi-python-client Low
CVE-2020-15141 was published for openapi-python-client (pip) Aug 20, 2020
pawamoy emann
Directory Traversal vulnerability in GET/PUT allows attackers to Disclose Information or Write Files via a crafted GET/PUT request Low
CVE-2020-15239 was published for xmpp-http-upload (pip) Oct 6, 2020
ChristianTacke
MoinMoin vulnerable to remote code execution via cache action High
CVE-2020-25074 was published for moin (pip) Nov 11, 2020
Django Directory Traversal via archive.extract Moderate
CVE-2021-3281 was published for django (pip) Mar 18, 2021
Path Traversal in Ansible Moderate
CVE-2020-1735 was published for ansible (pip) Apr 7, 2021
jhampson-dbre
Directory Traversal in Django Moderate
CVE-2021-28658 was published for Django (pip) Apr 8, 2021
Path Traversal in Ansible High
CVE-2020-1737 was published for ansible (pip) Apr 20, 2021
Path Traversal in Ansible Moderate
CVE-2020-10691 was published for ansible (pip) Apr 20, 2021
tdunlap607
Flask-Cors Directory Traversal vulnerability High
CVE-2020-25032 was published for Flask-Cors (pip) May 6, 2021
Path Traversal in Django High
CVE-2021-31542 was published for Django (pip) Jun 4, 2021
tdunlap607
Remote Code Execution via traversal in TAL expressions High
GHSA-rpcg-f9q6-2mq6 was published for Zope (pip) Jun 8, 2021
Path Traversal in pip High
CVE-2019-20916 was published for pip (pip) Jun 9, 2021
Path Traversal in Django Moderate
CVE-2021-33203 was published for Django (pip) Jun 10, 2021
Path Traversal in Zope High
CVE-2021-32674 was published for Zope (pip) Jun 10, 2021
The Fuck Arbitrary File Deletion via Path Traversal Critical
CVE-2021-34363 was published for thefuck (pip) Jun 15, 2021
Path Traversal in Zope High
CVE-2021-32633 was published for Zope (pip) Jun 15, 2021
Path traversal in impacket Critical
CVE-2021-31800 was published for impacket (pip) Jun 18, 2021
Remote Code Execution via traversal in TAL expressions Moderate
GHSA-5pr9-v234-jw36 was published for Zope (pip) Jun 18, 2021
Path Traversal in bikshed Moderate
CVE-2021-23423 was published for bikeshed (pip) Aug 30, 2021
Directory traversal in mkdocs High
CVE-2021-40978 was published for mkdocs (pip) Oct 12, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database